Configuring CI Using Azure Pipelines and Nx

Below is an example of an Azure Pipelines setup for an Nx workspace - building and testing only what is affected.

Check your Shallow Fetch settings

Nx needs additional Git history available for affected to function correctly. Make sure Shallow fetching is disabled in your pipeline settings UI. For more info, check out this article from Microsoft here.

Unlike GitHub Actions and CircleCI, you don't have the metadata to help you track the last successful run on main. In the example below, the base is set to HEAD~1 (for push) or branching point (for pull requests), but a more robust solution would be to tag an SHA in the main job once it succeeds and then use this tag as a base. You can also try using the devops CLI within the pipeline yaml. See the nx-tag-successful-ci-run and nx-set-shas (version 1 implements tagging mechanism) repositories for more information.

Tracking the origin branch

If you're using this action in the context of a branch you may need to add run: "git branch --track main origin/main" before running the nx affected command since origin/main won't exist.

We also have to set NX_BRANCH explicitly. NX_BRANCH does not impact the functionality of your runs, but does provide a human-readable label to easily identify them in the Nx Cloud app.

1trigger: 2 - main 3pr: 4 - main 5 6variables: 7 CI: 'true' 8 ${{ if eq(variables['Build.Reason'], 'PullRequest') }}: 9 NX_BRANCH: $(System.PullRequest.PullRequestId) # You can use $(System.PullRequest.PullRequestNumber if your pipeline is triggered by a PR from GitHub ONLY) 10 TARGET_BRANCH: $[replace(variables['System.PullRequest.TargetBranch'],'refs/heads/','origin/')] 11 ${{ if ne(variables['Build.Reason'], 'PullRequest') }}: 12 NX_BRANCH: $(Build.SourceBranchName) 13 HEAD_SHA: $(git rev-parse HEAD) 14 15jobs: 16 - job: main 17 pool: 18 vmImage: 'ubuntu-latest' 19 steps: 20 # Set Azure Devops CLI default settings 21 - bash: az devops configure --defaults organization=$(System.TeamFoundationCollectionUri) project=$(System.TeamProject) 22 displayName: 'Set default Azure DevOps organization and project' 23 24 # Get last successfull commit from Azure Devops CLI 25 - bash: | 26 LAST_SHA=$(az pipelines build list --branch $(Build.SourceBranchName) --definition-ids $(System.DefinitionId) --result succeeded --top 1 --query "[0].triggerInfo.\"ci.sourceSha\"") 27 if [ -z "$LAST_SHA" ] 28 then 29 LAST_SHA=$DEFAULT_BASE_SHA 30 fi 31 echo "Last successful commit SHA: $LAST_SHA" 32 echo "##vso[task.setvariable variable=BASE_SHA]$LAST_SHA" 33 displayName: 'Get last successful commit SHA' 34 env: 35 AZURE_DEVOPS_EXT_PAT: $(System.AccessToken) 36 37 - script: npm ci 38 39 - script: npx nx format:check --base=$(BASE_SHA) 40 41 - script: npx nx affected --base=$(BASE_SHA) -t lint --parallel=3 42 - script: npx nx affected --base=$(BASE_SHA) -t test --parallel=3 --configuration=ci 43 - script: npx nx affected --base=$(BASE_SHA) -t build --parallel=3 44

The main job implements the CI workflow.

Get the Commit of the Last Successful Build

The idea is to use Azure Devops CLI directly in the Pipeline Yaml

First, we configure Devops CLI

1# Set Azure Devops default settings 2- bash: az devops configure --defaults organization=$(System.TeamFoundationCollectionUri) project=$(System.TeamProject) 3 displayName: 'Configure Azure DevOps organization and project' 4

Then we can query the pipelines API (providing the auth token)

1# Get last successfully commit infos from Azure Devops 2- bash: | 3 LAST_SHA=$(az pipelines build list --branch $(Build.SourceBranchName) --definition-ids $(System.DefinitionId) --result succeeded --top 1 --query "[0].triggerInfo.\"ci.sourceSha\"") 4 echo "Last successful commit SHA: $LAST_SHA" 5 echo "##vso[task.setvariable variable=BASE_SHA]$LAST_SHA" 6 displayName: 'Get last successful commit SHA' 7 env: 8 AZURE_DEVOPS_EXT_PAT: $(System.AccessToken) 9

We can target a specific build, in this example we specified:

  • The branch (--branch)
  • The pipeline Id (--definition-ids)
  • The result type (--result)
  • The number of result (-top)

By default the command returns an entire JSON object with all the information. But we can narrow it down to the desired result with the --query param that uses JMESPath format (more details)

Finally we extract the result in a common custom variable named BASE_SHA used later by nx affected commands

An example with a default SHA in case no commit is found:

azure-pipelines.yml
1trigger: 2 - main 3pr: 4 - main 5 6variables: 7 CI: 'true' 8 NX_BRANCH: $(Build.SourceBranchName) 9 DEFAULT_BASE_SHA: $(git rev-parse HEAD~1) 10 HEAD_SHA: $(git rev-parse HEAD) 11 12jobs: 13 - job: main 14 pool: 15 vmImage: 'ubuntu-latest' 16 steps: 17 # Set Azure Devops CLI default settings 18 - bash: az devops configure --defaults organization=$(System.TeamFoundationCollectionUri) project=$(System.TeamProject) 19 displayName: 'Set default Azure DevOps organization and project' 20 21 # Get last successfull commit from Azure Devops CLI 22 - bash: | 23 LAST_SHA=$(az pipelines build list --branch $(Build.SourceBranchName) --definition-ids $(System.DefinitionId) --result succeeded --top 1 --query "[0].triggerInfo.\"ci.sourceSha\"") 24 if [ -z "$LAST_SHA" ] 25 then 26 LAST_SHA=$DEFAULT_BASE_SHA 27 fi 28 echo "Last successful commit SHA: $LAST_SHA" 29 echo "##vso[task.setvariable variable=BASE_SHA]$LAST_SHA" 30 displayName: 'Get last successful commit SHA' 31 env: 32 AZURE_DEVOPS_EXT_PAT: $(System.AccessToken) 33 34 - script: npm ci 35 36 - script: npx nx workspace-lint 37 - script: npx nx format:check 38 39 - script: npx nx affected --base=$(BASE_SHA) -t lint --parallel=3 40 - script: npx nx affected --base=$(BASE_SHA) -t test --parallel=3 --ci --code-coverage 41 - script: npx nx affected --base=$(BASE_SHA) -t build --parallel=3 42

Distributed CI with Nx Cloud

Read more about Distributed Task Execution (DTE).

1trigger: 2 - main 3pr: 4 - main 5 6variables: 7 CI: 'true' 8 ${{ if eq(variables['Build.Reason'], 'PullRequest') }}: 9 NX_BRANCH: $(System.PullRequest.PullRequestNumber) 10 TARGET_BRANCH: $[replace(variables['System.PullRequest.TargetBranch'],'refs/heads/','origin/')] 11 BASE_SHA: $(git merge-base $(TARGET_BRANCH) HEAD) 12 ${{ if ne(variables['Build.Reason'], 'PullRequest') }}: 13 NX_BRANCH: $(Build.SourceBranchName) 14 BASE_SHA: $(git rev-parse HEAD~1) 15 HEAD_SHA: $(git rev-parse HEAD) 16 17jobs: 18 - job: agents 19 strategy: 20 parallel: 3 21 displayName: Nx Cloud Agent 22 pool: 23 vmImage: 'ubuntu-latest' 24 steps: 25 - script: npm ci 26 - script: npx nx-cloud start-agent 27 28 - job: main 29 displayName: Nx Cloud Main 30 pool: 31 vmImage: 'ubuntu-latest' 32 steps: 33 - script: npm ci 34 - script: npx nx-cloud start-ci-run --stop-agents-after="build" 35 36 - script: npx nx-cloud record -- npx nx format:check --base=$(BASE_SHA) --head=$(HEAD_SHA) 37 - script: npx nx affected --base=$(BASE_SHA) --head=$(HEAD_SHA) -t lint --parallel=3 & npx nx affected --base=$(BASE_SHA) --head=$(HEAD_SHA) -t test --parallel=3 --configuration=ci & npx nx affected --base=$(BASE_SHA) --head=$(HEAD_SHA) -t build --parallel=3 38

You can also use our ci-workflow generator to generate the pipeline file.